OT: freenet.de AutoReply
For the last couple of days I have been getting unwarranted messages from the German ISP Freenet.de with the following subject line: "AutoReply: Vielen Dank für Ihre Nachricht". It is basically a spam message showing links to several pages of freenet.de, crafted as if it was a reply to some message of mine asking for support. My impression is that I receive those message every time I send a message to this list, so I suspect that someone at freenet.de may have set up a list account just so it may send an automated message to everybody who is sending mail to the list. Has anybody else been receiving those message when sending mail to the list? Any idea on how to stop it? Thanks a lot. -- Andreas Philipp Noema Ltda. Bogotá, D.C. - Colombia
Hmmm, Sorry, I didn't get those messages the last times I wrote to this list. But I saw those mails, too. Perhaps it's one or more other list(s) we are both writing to... I will give it a closer look the next days. Greets, Daniel
For the last couple of days I have been getting unwarranted messages from the German ISP Freenet.de with the following subject line: "AutoReply: Vielen Dank für Ihre Nachricht". It is basically a spam message showing links to several pages of freenet.de, crafted as if it was a reply to some message of mine asking for support.
My impression is that I receive those message every time I send a message to this list, so I suspect that someone at freenet.de may have set up a list account just so it may send an automated message to everybody who is sending mail to the list.
Has anybody else been receiving those message when sending mail to the list? Any idea on how to stop it?
Thanks a lot. -- Andreas Philipp Noema Ltda. Bogotá, D.C. - Colombia
-- Psssst! Mit GMX Handyrechnung senken: http://www.gmx.net/de/go/mail 100 FreeSMS/Monat (GMX TopMail), 50 (GMX ProMail), 10 (GMX FreeMail)
Hi Andreas,
For the last couple of days I have been getting unwarranted messages from the German ISP Freenet.de with the following subject line: "AutoReply: Vielen Dank für Ihre Nachricht". It is basically a spam message showing links to several pages of freenet.de, crafted as if it was a reply to some message of mine asking for support.
... this is an out-of-office reply. It indicates that someone uses a freenet.de mailbox at work and activated the out-of-office reply while going on vacation. Now every time someone sends a message to the list, the list server sends it to his or her list member account too which immediately responds with such a message. This is a clear indication that either that person has forgotten to unsubscribe from the list while going on vacation or, far more common, that this person is either ignorant of the fact that every list member receives unwanted crap or a plain moron. Choose whatever you like best. ;-) The best policy is to NOT subscribe to a mailing list with a _work_ email address. suse-laptop mailing list members have received such messages frequently for quite a while last summer. You could easily tell which list members went on vacation, when that was and how long it lasted, just by analyzing the emails, people you've never heard of before. :-) Hope this clears the issue up a bit. -- cul8er Paul paul.foerster@gmx.net
Hi Paul! That sounds reasonable. But the mail I got was a mail which told me, that the email support of freenet.de can only be reached at the homepage via web form. So that would mean, that an email address like "service@freenet.de" or "support@freenet.de" got it to the list as member.... But the second question is: How can this be? As someone hast to fetch those messages to complete subscription, I cannot think of a way, the subscriber could confirm the request...... Very strange... Greets, Daniel Am Montag, 27. Dezember 2004 18:06 schrieb Paul Foerster:
Hi Andreas,
For the last couple of days I have been getting unwarranted messages from the German ISP Freenet.de with the following subject line: "AutoReply: Vielen Dank für Ihre Nachricht". It is basically a spam message showing links to several pages of freenet.de, crafted as if it was a reply to some message of mine asking for support.
... this is an out-of-office reply. It indicates that someone uses a freenet.de mailbox at work and activated the out-of-office reply while going on vacation. Now every time someone sends a message to the list, the list server sends it to his or her list member account too which immediately responds with such a message.
This is a clear indication that either that person has forgotten to unsubscribe from the list while going on vacation or, far more common, that this person is either ignorant of the fact that every list member receives unwanted crap or a plain moron. Choose whatever you like best. ;-)
The best policy is to NOT subscribe to a mailing list with a _work_ email address.
suse-laptop mailing list members have received such messages frequently for quite a while last summer. You could easily tell which list members went on vacation, when that was and how long it lasted, just by analyzing the emails, people you've never heard of before. :-)
Hope this clears the issue up a bit. -- cul8er
Paul paul.foerster@gmx.net
Hi Daniel,
But the second question is: How can this be? As someone hast to fetch those messages to complete subscription, I cannot think of a way, the subscriber could confirm the request......
... intercepting messages is only possible for a sysadmin. But if this is the case then freenet.de has some serious privacy problems... -- cul8er Paul paul.foerster@gmail.com
Huuuuuh.... That's an orwellish worst case scenario..... I love it ;) @suse list admins: I suggest searching the member's email addresses for officially sounding addresses from freenet.de like the examples service@, support@, webmaster@freenet.de Greets, Daniel Am Montag, 27. Dezember 2004 21:01 schrieb Paul Foerster:
Hi Daniel,
But the second question is: How can this be? As someone hast to fetch those messages to complete subscription, I cannot think of a way, the subscriber could confirm the request......
... intercepting messages is only possible for a sysadmin. But if this is the case then freenet.de has some serious privacy problems... -- cul8er
Paul paul.foerster@gmail.com
An observation and a question: The question is perhaps slightly off topic (please forgive)... I choose moron on the auto-reply issue... I get about 5 of such everytime I post a message at work on a particular discussion group... It's pretty easy to get your email anywhere in the world these days if it is really so important to reply right away. Otherwise it should wait until you get back... I tend to see the other consideration as something more sinister... Couldn't the senders address and reply to links also be "spoofed"? We have had a lot of that at work... Usually with infected attachments or html links to some rogue server trying to hack your lookout or windoze exploder... Lately some idiot/theif has been sending stuff to me pretending to be me. How stupid can you get? Some of the sender IP addresses also have been faked (not just the from line). Others were traced back to a broadband network somewhere in the Phillipines... Isn't it true that all someone really needs to do is subscribe to the group, then pull all the addresses from postings so they can spam everyone (perhaps from a different address)? They could pretend to be me, you, any corporation, or anyone who ever posted while they were subscribed.... While we are largely immune from normal hacks and viruses (It's all about the Linux!), poor judgement might lead anyone to give away sensitive information in an elaborate html based email spoof... Some spoofs hyperlink you to a website (even the address is a spoof) which is cloned from a well known bank or investment company. I suppose that all you need is one out of a hundred to fall for it and you have succeeded. Could this be something like that? "Just because I'm paranoid it doesn't mean everybody's not out to get me..." ;-) Cheers, Doug daniel.eckl@gmx.de wrote:
Huuuuuh.... That's an orwellish worst case scenario..... I love it ;)
@suse list admins: I suggest searching the member's email addresses for officially sounding addresses from freenet.de like the examples service@, support@, webmaster@freenet.de
Greets, Daniel
Am Montag, 27. Dezember 2004 21:01 schrieb Paul Foerster:
Hi Daniel,
But the second question is: How can this be? As someone hast to fetch those messages to complete subscription, I cannot think of a way, the subscriber could confirm the request......
... intercepting messages is only possible for a sysadmin. But if this is the case then freenet.de has some serious privacy problems... -- cul8er
Paul paul.foerster@gmail.com
Hi Doug! Well, you surely can spoof your from address when subscribing to a list. But every list I know (and suse-kde, too) needs that you are able to _get_ the first email from the mailing list manager and respond to it before you are subscribed... So you can send a subscription request stating you are billy@microsoft.com. But then the mail with the activation code will be sent to billy@microsoft.com and you will never get it and you can never complete the registration. I think that someone very funny has subscribed and after that activated a mail forward to an address like support@freeent.de. Relly very, very funny...... Greets, Daniel Douglas B. Wise schrieb am 01.01.2005 04:00:
An observation and a question: The question is perhaps slightly off topic (please forgive)...
I choose moron on the auto-reply issue... I get about 5 of such everytime I post a message at work on a particular discussion group... It's pretty easy to get your email anywhere in the world these days if it is really so important to reply right away. Otherwise it should wait until you get back...
I tend to see the other consideration as something more sinister... Couldn't the senders address and reply to links also be "spoofed"? We have had a lot of that at work... Usually with infected attachments or html links to some rogue server trying to hack your lookout or windoze exploder... Lately some idiot/theif has been sending stuff to me pretending to be me. How stupid can you get? Some of the sender IP addresses also have been faked (not just the from line). Others were traced back to a broadband network somewhere in the Phillipines...
Isn't it true that all someone really needs to do is subscribe to the group, then pull all the addresses from postings so they can spam everyone (perhaps from a different address)? They could pretend to be me, you, any corporation, or anyone who ever posted while they were subscribed.... While we are largely immune from normal hacks and viruses (It's all about the Linux!), poor judgement might lead anyone to give away sensitive information in an elaborate html based email spoof... Some spoofs hyperlink you to a website (even the address is a spoof) which is cloned from a well known bank or investment company. I suppose that all you need is one out of a hundred to fall for it and you have succeeded.
Could this be something like that?
"Just because I'm paranoid it doesn't mean everybody's not out to get me..." ;-)
Cheers,
Doug
daniel.eckl@gmx.de wrote:
Huuuuuh.... That's an orwellish worst case scenario..... I love it ;)
@suse list admins: I suggest searching the member's email addresses for officially sounding addresses from freenet.de like the examples service@, support@, webmaster@freenet.de
Greets, Daniel
Am Montag, 27. Dezember 2004 21:01 schrieb Paul Foerster:
Hi Daniel,
But the second question is: How can this be? As someone hast to fetch those messages to complete subscription, I cannot think of a way, the subscriber could confirm the request......
... intercepting messages is only possible for a sysadmin. But if this is the case then freenet.de has some serious privacy problems... -- cul8er
Paul paul.foerster@gmail.com
participants (5)
-
Andreas Philipp -
Daniel Eckl -
Daniel Eckl
-
Douglas B. Wise -
Paul Foerster